IT Security & Privacy

AI Is Collapsing the Time Between Vulnerability & Attack, Luxembourg Regulator Warns

In guidance published Tuesday, Luxembourg's Commission de Surveillance du Secteur Financier (CSSF) warned that frontier artificial intelligence models are reshaping the cyber threat landscape by accelerating the speed, scale, and sophistication of attacks. While the technology presents significant opportunities, the regulator said it also gives malicious actors new tools to automate complex tasks, generate sophisticated code, and exploit vulnerabilities more quickly than traditional defensive practices were designed to withstand.

KPMG Survey Finds CISOs Caught Between AI Ambition & Security Reality

For all the attention artificial intelligence receives in boardrooms, one number in KPMG's latest cybersecurity survey stands out because of how ordinary it is. Only 24% of large organizations say AI is fully integrated into their cybersecurity programs. The rest are somewhere in between, testing it in isolated functions, weighing its value, or waiting for confidence to catch up with capability.

Australia Records Highest-Ever Data Breach Notifications as Cyber Threats Continue to Mount

There were 1,205 data breaches reported to the Australian privacy regulator in 2025. The new figures, released by the Office of the Australian Information Commissioner, show an 8% increase over the 1,112 notifications received in 2024. They do not necessarily mean organizations have become less secure; they do show that serious breaches remain a persistent feature of Australian business and government, and that reporting obligations under the Notifiable Data Breaches (NDB) scheme continue to generate a steady stream of disclosures whenever individuals are likely to face serious harm.

Danish Cyber Stress Test Spurs New Financial Sector Resilience Measures

A cyberattack that corrupts data presents a different kind of crisis from one that simply takes systems offline. Restoring servers is one challenge. Restoring confidence that the information inside them can still be trusted is another. Denmark's financial authorities chose that distinction as the foundation for a new operational resilience exercise whose conclusions reached well beyond the fictional attack itself.

EY Warns Frontier AI Is Exposing Enterprise Cybersecurity Blind Spots

For years, cybersecurity has rested on a bargain that most organizations scarcely questioned. Not every asset could receive the same level of protection, so security leaders concentrated their attention where the consequences of failure would be greatest. The systems most critical to the business became the crown jewels. Everything else received what time, people and budgets allowed. It was an imperfect arrangement, but for a long time it was a practical one.

Australian Telecom Providers Face New Transparency Requirements on Coverage & Network Outages

New rules introduced by the Australian Communications and Media Authority now require mobile network operators to publish standardized 4G and 5G coverage maps using four common ratings (good, moderate, basic and no coverage) alongside plain-English explanations of what each category actually means. The maps must be refreshed at least every three months, giving Australians a consistent basis for comparing competing networks.

The End of Point-in-Time Security

The most dangerous assumption in enterprise security is rarely the one anyone remembers making. It settles quietly into the organization, becoming less a decision than a background condition, until eventually everyone begins treating a moment in time as though it were a durable fact. A system was patched, supplier was assessed, and administrator's access was reviewed. The penetration test found nothing significant and the audit closed without material findings. The evidence exists, neatly timestamped and carefully preserved, carrying all the reassuring weight that documentation has always carried. Then the environment changes around it and almost never dramatically.